Safe method to encrypt data from an SSL webform?

libogen

I want the SSL 'post'ed contents of a webform to be encrypted by GnuPG and then emailed to me.

I'm new to PHP and have read various online articles and have been working my way through the book "PHP and MySQL Web Development".

Is it a security loophole to PGP/GPG encrypt the 'post'ed contents of an SSL form using PHP with register_globals=on (which is the setting used by most webhosts on their shared webservers)? Isn't this similar to using a Perl script to achieve the same result but calling Perl without using -T (taint mode) - I don't know Perl but have read a bit about this situ 🙂

If it's secure to use PHP to conduct the above, then my second question is:

What command should I use to encrypt the SSL 'post'ed form's data whilst it's still in memory?

To clarify this request, I've looked at sample scripts which write the 'post'ed forms data to disk using a temporary (tempnam) filename and fwrite. I think there are a few security problems with that method:
1/ Unencrypted data exists on disk and can be read or copied, even if it's only for a short time.
2/ Even after the temp file is deleted, if it's not securely deleted then there exists the possibility of the file being recreated by someone with access to the disk.
3/ If the server goes down before the process of deleting the temp file has been done, then the unencrypted data will be left in a file on the disk!

I'd really like to know if there's a way to encrypt the SSL 'post'ed form's data and email it without there being any significant loopholes.

Any pointers would be much appreciated :-)

Thanks,
Libogen

bretticus

I've never used GnuPG or even PGP to e-mail via a server-side Web script, but I think I can answer your concern about register_globals=on

register_globals=on basically allows you to get a varibiable from any input method without specifying the method. So for example, you could have a form submit a textarea field with the name attribute set to 'text' (we'll say) to a form handler and get the data by simply calling $text. The security issue here is that a maliscious user could manipulate cookie or session values using POST or GET values.

Teh solution to this is just specifying the input method. In your case get the data via:

$text = $_POST["text"];

I'd be interested in getting GnuPG to work. Thought about playing with that, i just usually have the people login to the same secure site to get the information.

libogen

Tks for the reply. I got similar feedback from a newsgroup posting (I'd given up on getting a reply to my forum post).

I haven't gotten around to using GPG on Win with PHP yet but will play around with stdin. It's now available under Win, see http://www.php.net/manual/en/features.commandline.php

cosolar

http://www.awtrey.com/support/scripts/gpgsend.php3

I would like to set up something like this. Any comments?